From 203d3cfab41914781efae02f3b877c74cb3a215a Mon Sep 17 00:00:00 2001
From: Daniel Lehman <dlehman@esri.com>
Date: Fri, 8 Sep 2017 10:32:07 -0700
Subject: [PATCH] msvcrt: Use exception base to create copy constructor pointer

the exception base (exc_base) from the ExceptionRecord is used in
find_caught_type to find the type info for the exception (cxx_type_info)

all related type information is relative to this base, including the
offset for the copy constructor.  this matches the base what
dump_exception_type / dump_type use when printing the copy constructor pointer

currently, copy_exception uses dispatch->ImageBase, which may be different
from where the type is.  this leads to a crash where an exception
originates inside of Wine and is caught in a Windows dll

Signed-off-by: Daniel Lehman <dlehman@esri.com>
---
 dlls/msvcrt/except_x86_64.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/dlls/msvcrt/except_x86_64.c b/dlls/msvcrt/except_x86_64.c
index 7e9c38d..0820aad 100644
--- a/dlls/msvcrt/except_x86_64.c
+++ b/dlls/msvcrt/except_x86_64.c
@@ -248,7 +248,7 @@ static const cxx_type_info *find_caught_type(cxx_exception_type *exc_type, ULONG
 static inline void copy_exception(void *object, ULONG64 frame,
                                   DISPATCHER_CONTEXT *dispatch,
                                   const catchblock_info *catchblock,
-                                  const cxx_type_info *type)
+                                  const cxx_type_info *type, ULONG64 exc_base)
 {
     const type_info *catch_ti = rva_to_ptr(catchblock->type_info, dispatch->ImageBase);
     void **dest = rva_to_ptr(catchblock->offset, frame);
@@ -273,13 +273,13 @@ static inline void copy_exception(void *object, ULONG64 frame,
             if (type->flags & CLASS_HAS_VIRTUAL_BASE_CLASS)
             {
                 void (__cdecl *copy_ctor)(void*, void*, int) =
-                    rva_to_ptr(type->copy_ctor, dispatch->ImageBase);
+                    rva_to_ptr(type->copy_ctor, exc_base);
                 copy_ctor(dest, get_this_pointer(&type->offsets, object), 1);
             }
             else
             {
                 void (__cdecl *copy_ctor)(void*, void*) =
-                    rva_to_ptr(type->copy_ctor, dispatch->ImageBase);
+                    rva_to_ptr(type->copy_ctor, exc_base);
                 copy_ctor(dest, get_this_pointer(&type->offsets, object));
             }
         }
@@ -462,7 +462,7 @@ static inline void find_catch_block(EXCEPTION_RECORD *rec, EXCEPTION_RECORD *unt
 
                 /* copy the exception to its destination on the stack */
                 copy_exception((void*)rec->ExceptionInformation[1],
-                        orig_frame, dispatch, catchblock, type);
+                        orig_frame, dispatch, catchblock, type, exc_base);
             }
             else
             {
-- 
1.9.5